[Openswan Users] virtual_private exclude question

Mike James mike.james at clutch.com
Fri Jan 17 14:05:22 EST 2014

I searched but didn’t see any answer / explanation of this. In my xl2tpd config for remote workers, I’ve used a different subnet to hand out IPs. Do I have to exclude that subnet in virtual_private declaration in ipsec.conf?


   ipsec saref = no
   listen-addr =

[lns default]
   ip range =
   local ip =
   refuse chap = yes
   refuse pap = yes
   require authentication = yes
   ppp debug = yes
   pppoptfile = /etc/ppp/options
   length bit = yes

Should virtual_private exclude both and


Michael James
Sr. Network Engineer
267-419-6400, x204
mike.james at clutch.com
The Premiere loyalty, rewards, and gifting platform
for consumer-focused brands and retailers.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20140117/89c609a6/attachment.html>

More information about the Users mailing list